mirror of
https://github.com/getnamingo/registry.git
synced 2025-07-12 13:58:12 +02:00
Fix towards the new password expiration policy
This commit is contained in:
parent
ddfb8fed75
commit
6968bfafa2
7 changed files with 191 additions and 9 deletions
|
@ -93,14 +93,15 @@ class AuthController extends Controller
|
|||
unset($_SESSION['2fa_email'], $_SESSION['2fa_password'], $_SESSION['is2FAEnabled']);
|
||||
|
||||
if ($login===true) {
|
||||
$db = $container->get('db');
|
||||
|
||||
// Check if password renewal is needed
|
||||
$passwordLastChanged = $_SESSION['password_last_changed'][$_SESSION['auth_user_id']] ?? 0;
|
||||
if (checkPasswordRenewal($passwordLastChanged)) {
|
||||
$passwordLastUpdated = $db->selectValue('SELECT password_last_updated FROM users WHERE id = ?', [$_SESSION['auth_user_id']]);
|
||||
if (checkPasswordRenewal($passwordLastUpdated)) {
|
||||
Auth::logout();
|
||||
redirect()->route('forgot.password')->with('error','Your password is expired. Please change it');
|
||||
}
|
||||
|
||||
$db = $container->get('db');
|
||||
$currentDateTime = new \DateTime();
|
||||
$currentDate = $currentDateTime->format('Y-m-d H:i:s.v'); // Current timestamp
|
||||
$db->insert(
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue